<?php
/**********************************************************
  eCode Marketing System
  Version 0.1
  Add Offer Handler (/admin/handler.offer_add.php)
**********************************************************/

// Require configuration
define("FROMSCRIPT", true);
require dirname(__FILE__) . "/../config.php";

// Require coupon generator function
require_once dirname(__FILE__) . "/function.coupon_generate.php";

// Open (or resume) the PHP session so the login marker can be read.
session_start();

/* Admin gate: a request without the 'login_t' session key is redirected to
   the login page and the script stops here. Only the presence of the key is
   tested; what value it holds is not checked in this file. */
if (isset($_SESSION['login_t']) === false) {
	header("Location: /admin/login.php");
	exit();
}

// Values read later by the page template (title, breadcrumb heading, body).
$page_content = "<hr />\n";
$pagetitle = 'Add Offer (Admin)';
$pageheading = sprintf('<a href="/admin/index.php">%s Administration</a> &gt; Add Offer', SITE_NAME);

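/* Validate the posted offer, render its coupon image, store the offer row and
   write the image to the cache directory. Every outcome is reported by
   appending an error or success box to $page_content.

   NOTE(review): this handler changes data on the strength of the session
   cookie alone; no per-request anti-CSRF token is checked in this file.
   Confirm that config.php or the submitting form supplies one, otherwise add
   a token check before the INSERT below. */

// Read the text fields once. A field that is missing, or that was not sent as
// a plain string (e.g. posted as an array), is treated as '' so the checks
// below never hit an undefined index or pass an array to $db->escape().
$offer_in = array();
foreach(array('offer_line1', 'offer_line2', 'offer_line3', 'offer_type', 'offer_price', 'offer_value', 'offer_pos_code') as $offer_field) {
	$offer_in[$offer_field] = (isset($_POST[$offer_field]) && is_string($_POST[$offer_field])) ? $_POST[$offer_field] : '';
}
$campaign_id = isset($_POST['campaign_id']) ? $_POST['campaign_id'] : null;
$offer_type = $offer_in['offer_type'];

// Escape POST'ed data for MySQL database. The escaped copies are used only
// inside SQL; length limits are checked on the raw text, because escaping can
// lengthen a string and would reject lines that fit once stored.
$offer_line = array();
$offer_line[1] = $db->escape($offer_in['offer_line1']);
$offer_line[2] = $db->escape($offer_in['offer_line2']);
$offer_line[3] = $db->escape($offer_in['offer_line3']);

// NOTE(review): is_numeric() also accepts forms such as "1e3" or "1.5". If
// campaign_id is an integer key, a digits-only check would be stricter - confirm
// against the schema.
if(!is_numeric($campaign_id)) {
	// No campaign to add offer to
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: No campaign was selected for addition of an offer. Select a campaign by using the Campaign selector on the Add Offer page.</div>\n";
} else if(strlen($offer_in['offer_line1']) > 32) {
	// Offer line 1 longer than 32 chars
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: Offer line 1 is longer than 32 characters. Please enter a shorter phrase for this line.</div>\n";
} else if(strlen($offer_in['offer_line2']) > 32) {
	// Offer line 2 longer than 32 chars
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: Offer line 2 is longer than 32 characters. Please enter a shorter phrase for this line.</div>\n";
} else if(strlen($offer_in['offer_line3']) > 32) {
	// Offer line 3 longer than 32 chars
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: Offer line 3 is longer than 32 characters. Please enter a shorter phrase for this line.</div>\n";
} else if(($campaign = $db->get_row("SELECT * FROM `" . DB_TBL_PREFIX . "campaigns` WHERE campaign_id = '" . $db->escape($campaign_id) . "'")) == false) {
	// Non-existent campaign (the row is kept in $campaign for the success path)
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: The campaign selected does not exist. Select a campaign by using the Campaign selector on the Add Offer page.</div>\n";
} else if($db->get_row("SELECT * FROM `" . DB_TBL_PREFIX . "offertypes` WHERE offer_type_id = '" . $db->escape($offer_type) . "'") == false) {
	// Non-existent offer type
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: The offer type selected does not exist. Select an offer type by using the Offer Type selector on the Add Offer page.</div>\n";
} else if($offer_in['offer_value'] !== '' && ($offer_type != 0 && $offer_type != 3 && $offer_type != 4)) {
	// Cannot use an offer value on this kind of offer.
	// The type comparisons stay loose because offer_type arrives as a string.
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: This type of offer does not accept an offer value.</div>\n";
} else if((!is_numeric($offer_in['offer_price']) || floatval($offer_in['offer_price']) == 0) && ($offer_type != 3 && $offer_type != 4)) {
	// Cannot have a zero or empty amount on anything but free offers
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR:</span> Offer amount cannot be 0. Use a \"Free\" offer type for free offers.</div>\n";
} else {
	/* Build the argument array for the coupon generator: every posted field
	   except campaign_id, passed through as received. */
	$off = array();
	foreach($_POST as $key => $val) {
		if($key !== 'campaign_id') $off[$key] = $val;
	}

	/* The offer expires with its campaign. */
	$off['offer_end_date'] = $campaign->end_date;

	/* Create offer coupon image.
	   NOTE(review): $coupon is not assigned in this file; presumably it comes
	   from config.php or function.coupon_generate.php - confirm. */
	$offer_img = coupon_generate($off, $coupon);

	if($offer_img == false) {
		/* Fail, send back error. error_get_last() returns null when nothing was
		   recorded, and the message may echo request data, so it is guarded
		   and HTML-escaped before being printed. */
		$err = error_get_last();
		$err_message = isset($err['message']) ? $err['message'] : '';
		$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR:</span> Could not create coupon image.<br />Error info: <pre>" . htmlspecialchars($err_message, ENT_QUOTES) . "</pre></div>\n";
	} else {
		/* Insert into database. Every value is escaped and single-quoted. */
		$offer_sql = "INSERT INTO `" . DB_TBL_PREFIX . "offers` (offer_id, campaign_id, offer_line1, offer_line2, offer_line3, offer_type, offer_price, offer_value, offer_pos_code) VALUES (NULL, '"
			. $db->escape($campaign_id) . "', '"
			. $offer_line[1] . "', '"
			. $offer_line[2] . "', '"
			. $offer_line[3] . "', '"
			. $db->escape($offer_type) . "', '"
			. $db->escape($offer_in['offer_price']) . "', '"
			. $db->escape($offer_in['offer_value']) . "', '"
			. $db->escape($offer_in['offer_pos_code']) . "')";
		$db->query($offer_sql);

		/* Save the image generated above as <campaign id>_<offer id>.png.
		   NOTE(review): the result of the INSERT is not inspected here; verify
		   how $db reports a failed query before trusting insert_id. */
		$offid = $db->insert_id;
		$offer_img_saved = file_put_contents(CACHE_DIR . "/" . $campaign->campaign_id . "_" . $offid . ".png", $offer_img);

		if($offer_img_saved === false) {
			// The row exists but the cached image does not; tell the admin.
			$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR:</span> Offer ID " . $offid . " was added, but its coupon image could not be saved.</div>\n";
		} else {
			$page_content .= "<div id=\"success-box\">Offer ID " . $offid . " was added successfully.</div>\n";
		}

		// The id goes into a URL query string, so encode it for that context.
		$page_content .= "<p class=\"centered\"><a href=\"/admin/list_offers.php?cid=" . urlencode($campaign_id) . "\">Back</a> to Offer List</p>\n";
	}
}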

// Footer navigation appended after whichever result box was produced above.
$page_content .= implode("", array(
	"<p class=\"centered\"><a href=\"/admin/list_campaigns.php\">Back</a> to Campaign List</p>\n",
	"<hr />\n",
	"<p><a href=\"/admin/index.php\">Back</a> to " . SITE_NAME . " Administration</p>\n",
));

// Hand over to the site template, which is included from TEMPLATE_DIR.
require(TEMPLATE_DIR . "/index.php");
?>